CVE-2026-30918

Name of the Vulnerable Software and Affected Versions facileManager versions prior to 6.0.4

Description facileManager is a modular suite of web apps designed for system administrators. A reflected cross-site scripting (XSS) issue exists when the application processes data from an untrusted source and incorporates it into HTTP responses, potentially leading to security compromises. An attacker can inject malicious JavaScript code into a URL by including a script within a parameter. This vulnerability is present in the fmDNS module, specifically affecting the log search query parameter.

Recommendations Update to version 6.0.4 or later.